Revision as of 07:17, 14 July 2009

I have just completed a tidyup, this including removing the section on connection control as I deemed it irrelivant. If needed, it is available in the history. Thelucster 13:51, 13 April 2009 (EDT)

sshd_config

Sometimes the 'ssh-add' is not enough to log in without a password. It is possible that ssh is configured in such way that only a limited group of users is allowed to the machine.
In this case - you need root-access to the server! - you have to change the configuration-file. Mostly you can find it as /etc/ssh/sshd_config.
If the last line(s) of this file read(s): 'AllowUsers <username>', you will have to add a similar line with your own username. Don't forget to restart the ssh deamon: '/etc/init.d/sshd restart'.

Using pam_ssh module

I just want to add that one could also use the pam_ss module, available here
http://pam-ssh.sourceforge.net/
or in the AUR to decrypt the ssh key on login and automatically start ssh-agent and add the keys.
This way one would have a truely password less ssh session and in the same way not compromise security by using a passphrase less key.

ssh-agent

The current wiki entries tells to "$ echo 'eval `ssh-agent`' >> ~/.bashrc" which will everytime spawn a new ssh-agent.
I think a more elegant way is only to add the export commands of ssh-agent to the .bashrc, so one ssh-agent can be used from every shell. This could be put in a small wrapper script: